Distributed computing environments, including web application environments, generally require client users to identify themselves through an authentication scheme. Authentication may involve the comparison of credentials provided by a user at the time of a request against a previously stored set of credentials. Such a comparison provides a degree of certainty that user providing the credentials at the time of a request is the same user that provided the initial set of credentials. The identity of the user may be established by obtaining the initial set of user credentials through a trusted arrangement, e.g., in person, in association with a secondary identification, etc.
The distributed nature of an application environment may entail numerous entities that independently operate servers and client workstations on distinct, yet interconnected, networks. Accordingly, significant coordination and integration issues may develop. One particular coordination issue relates to firewalls. Firewalls generally restrict network communication to only a limited set of trusted transmissions. Entities wanting to establish a new communications protocol often become thwarted by institutionalized firewall policies that are reluctant to recognize new types of transmissions as trusted.
As more and more entities rely on a particular communication protocol, the protocol may become entrenched and therefore resistant to change. Accordingly, new features may be required to overlay or operate parallel to existing technology without modifications thereto. For instance, it may be infeasible to implement advances in authentication techniques, such as the use of biometrics, into existing distributed applications due to the degree of reprogramming and protocol changes that would be required at each of the various systems and components.